[REGRESSION] Predictor tag fails to be written correctly

Bug #1439186 reported by Éric Piel (Delmic)
This bug affects 1 person
Affects          Status         Importance   Assigned to         Milestone
tiff (Ubuntu)    Fix Released   Undecided    Marc Deslauriers
Lucid            Fix Released   Undecided    Marc Deslauriers
Precise          Fix Released   Undecided    Marc Deslauriers
Trusty           Fix Released   Undecided    Marc Deslauriers
Utopic           Fix Released   Undecided    Marc Deslauriers
Vivid            Fix Released   Undecided    Marc Deslauriers

Bug Description

The patch debian/patches/CVE-2014-8128-5.patch appears to break saving TIFF files with compression predictor.
It seems the data is correctly saved, but the "predictor" tag is not, which prevents reading the data correctly again.

This happens both on precise (release 3.9.5-2ubuntu1.7) and on trusty (release 4.0.3-7ubuntu0.2).

I'm attaching an example TIFF file "small.tiff" for showing the behaviour. It is compressed in LZW without predictor, so it is written/read correctly.

However, if you recompress it with this command, the error happens:
$ tiffcp -c lzw:2 small.tiff small-c2.tiff

Then displaying it in eog shows a completely different image. Tiffinfo indicates a problem with the tags:
$ tiffinfo small-c2-bad.tiff | grep Predictor
TIFFReadDirectory: Warning, small-c2-bad.tiff: unknown field with tag 8224 (0x2020) encountered.

Comparing it with a good version of the file (generated with a previous version of libtiff):
$ tiffinfo small-c2-good.tiff | grep Predictor
  Predictor: horizontal differencing 2 (0x2)

$ tiffcmp small-c2.tiff small-c2-good.tiff
TIFFReadDirectory: Warning, small-c2-bad.tiff: unknown field with tag 8224 (0x2020) encountered.
Predictor tag appears only in small-c2-good.tiff
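
The check the report performs by hand with tiffinfo, as an added example (not code from the bug report or from libtiff): a minimal IFD reader that flags unknown tags and a missing or wrong Predictor value on an LZW file. The sample files are constructed in memory; the function names, the KNOWN tag subset and the value stored under tag 0x2020 are assumptions.

```python
import struct

COMPRESSION, PREDICTOR, LZW = 259, 317, 5  # TIFF 6.0 tag numbers and LZW code
# Subset of baseline tags treated as "known" here (an assumption of this example).
KNOWN = {256, 257, 258, 259, 262, 273, 277, 278, 279, 284, 317}

def read_ifd(data):
    """Return {tag: value} for the first IFD of a classic TIFF.
    Only single SHORT/LONG values are decoded; other entries map to None."""
    order = {b"II": "<", b"MM": ">"}.get(data[:2])
    if order is None:
        raise ValueError("not a TIFF: bad byte-order mark")
    magic, ifd = struct.unpack_from(order + "HI", data, 2)
    if magic != 42:
        raise ValueError("not a classic TIFF: bad magic")
    (count,) = struct.unpack_from(order + "H", data, ifd)
    tags = {}
    for i in range(count):
        pos = ifd + 2 + 12 * i          # each IFD entry is 12 bytes
        tag, typ, n = struct.unpack_from(order + "HHI", data, pos)
        fmt = {3: "H", 4: "I"}.get(typ) if n == 1 else None
        tags[tag] = struct.unpack_from(order + fmt, data, pos + 8)[0] if fmt else None
    return tags

def check_predictor(data, expected):
    """List findings for a file that should carry Predictor == expected."""
    tags = read_ifd(data)
    findings = [f"unknown field with tag {t} (0x{t:x})"
                for t in sorted(tags) if t not in KNOWN]
    got = tags.get(PREDICTOR, 1)        # TIFF 6.0: an absent tag means 1 (none)
    if tags.get(COMPRESSION) == LZW and got != expected:
        findings.append(f"Predictor is {got}, expected {expected}")
    return findings

def make_tiff(entries):
    """Constructed sample: little-endian header plus one IFD of SHORT entries."""
    body = b"".join(struct.pack("<HHIHH", t, 3, 1, v, 0) for t, v in entries)
    return (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", len(entries))
            + body + struct.pack("<I", 0))

GOOD = make_tiff([(COMPRESSION, LZW), (PREDICTOR, 2)])
BAD = make_tiff([(COMPRESSION, LZW), (0x2020, 2)])   # tag number from the report

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("bad", BAD)):
        print(name, check_predictor(blob, expected=2))
```

Run against the output of a rebuilt libtiff, a non-empty result from check_predictor signals that the written tags do not match the requested predictor.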

Éric Piel (Delmic) (piel) wrote :

After a few trial-and-error sessions, I think the attached patch to replace debian/patches/CVE-2014-8128-5.patch should fix this reported problem.

Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Fixed version of the patch causing problem" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Marc Deslauriers (mdeslaur) wrote :

Thanks for reporting this issue. I will release tiff updates shortly that disable the patch until upstream decides on a final fix.

Changed in tiff (Ubuntu Lucid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Utopic):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Vivid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in tiff (Ubuntu Lucid):
status: New → Confirmed
Changed in tiff (Ubuntu Precise):
status: New → Confirmed
Changed in tiff (Ubuntu Trusty):
status: New → Confirmed
Changed in tiff (Ubuntu Utopic):
status: New → Confirmed
Changed in tiff (Ubuntu Vivid):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 3.9.2-2ubuntu0.16

---------------
tiff (3.9.2-2ubuntu0.16) lucid-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:09:19 -0400

Changed in tiff (Ubuntu Lucid):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-7ubuntu0.3

---------------
tiff (4.0.3-7ubuntu0.3) trusty-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:07:34 -0400

Changed in tiff (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-10ubuntu0.2

---------------
tiff (4.0.3-10ubuntu0.2) utopic-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:05:44 -0400

Changed in tiff (Ubuntu Utopic):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 3.9.5-2ubuntu1.8

---------------
tiff (3.9.5-2ubuntu1.8) precise-security; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:08:49 -0400

Changed in tiff (Ubuntu Precise):
status: Confirmed → Fix Released
Mathew Hodson (mhodson)
tags: added: regression-update
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tiff - 4.0.3-12.3ubuntu2

---------------
tiff (4.0.3-12.3ubuntu2) vivid; urgency=medium

  * SECURITY REGRESSION: regression when saving TIFF files with compression
    predictor (LP: #1439186)
    - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
      fix is available.
 -- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:02:39 -0400

Changed in tiff (Ubuntu Vivid):
status: Confirmed → Fix Released